package com.thermofisher.dsc.amanda.security.handler;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.thermofisher.dsc.amanda.common.exception.ExceptionCode;
import com.thermofisher.dsc.amanda.model.response.BaseResponse;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

/**
 * Created by wenjie.yang on 1/23/2019.
 */
public class CustomAccessDeniedHandler implements AccessDeniedHandler {

  private ObjectMapper objectMapper = new ObjectMapper();


  @Override
  public void handle(HttpServletRequest request,
      HttpServletResponse response,
      AccessDeniedException accessDeniedException) throws IOException,
      ServletException {
    response.setContentType("application/json");
    response.setCharacterEncoding("utf-8");
    BaseResponse<Object> errorResponse = new BaseResponse<>(ExceptionCode.ACCESS_DENIED,"ACCESS DENIED");
    response.getWriter().print(objectMapper.writeValueAsString(errorResponse));
    return ;
  }


}
